Research On Identification And Access Control In Blockchain

Blockchain is a distributed structure characterized by multiple centers,transparency,openness and non repudiation,which can establish peer-to-peer delivery of trustworthy values among unfamiliar peers without relying on a third party,reduce transaction cost and raise interactive efficiency.Therefore,it has a very broad application prospect.However,with the promotion and popularity of blockchain technology,the problem of privacy leakage has become increasingly conspicuous.Failure to deal with privacy protection in blockchain will unavoidably do harm to its future development.Users ought to pay extra attention to the protection of identity privacy and transaction privacy,since such information will do a disservice to users once it is leaked.Besides,the inability to delete or alter the data stored in the ledger of blockchain prevents users from making any remedies even if they realize the exposure of part of the address or transaction data.So,how to avoid the problem of privacy leakage in blockchain has become paramount importance.In order to cope with privacy protection in blockchain,this paper designs and realizes a privacy protection scheme based on the open source project of consortium blockchain,Hyperledger Fabric v1.0,from two aspects,identification and access control.Firstly,this paper designs and realizes an improvement scheme targeting at transaction certificate,which solves the problems of low efficiency and large storage space occupied by the keys in two-level certificate system of the consortium blockchain,Fabric.The scheme also optimizes the complicated key derivation algorithm,improving its efficiency,optimizing the structure of transaction certificate,solving the problem of large storage space occupied by the keys.In the end,through the platform of Hyperledger Fabric v1.0,this scheme is realized with go lang.Secondly,this paper designs and realizes the access control mechanism inside the channel in terms of chaincode and ledger.With regard to chaincode,access control mechanism based on attributes is achieved through chaincode logic.This paper encapsulates and achieves the interfaces relating to attributes,making it convenient to achieve access control by writing chaincode logic;with regard to the ledger,input data of the transaction in the ledger is encrypted and the original data is only visible to endorsing peers.Such a design makes it impossible to know the content of transaction through the analysis of ledger data,and thus makes it safer;Thirdly,cryptographic algorithm in the scheme above is replaced by national cryptographic algorithm.ECDSA,a public key signature algorithm,in the original algorithm is displaced by SM2;AES,a symmetric encryption algorithm,is replaced by SM4;HMAC,the Hash algorithm,is substituted by SM3.Based on the platform of Hyperledger Fabric v1.0,this paper adopts national cryptographic algorithm to achieve the prototype system,which generates,stores and verifies the two-level certificates system(enrollment certificate and transaction certificate),realizes the data access control in the same channel,and meets the demand of a high security application scene.According to the test result,the improvement scheme raises the generation efficiency of transaction certificates,and the access control mechanism meets the demands of performance in the industry,it can thus provide a safer and more feasible privacy protection scheme for the application of blockchain.